147151e4bSgaurav rana /* 247151e4bSgaurav rana * Copyright 2015 Freescale Semiconductor, Inc. 347151e4bSgaurav rana * 447151e4bSgaurav rana * SPDX-License-Identifier: GPL-2.0+ 547151e4bSgaurav rana */ 647151e4bSgaurav rana 747151e4bSgaurav rana #include <common.h> 847151e4bSgaurav rana #include <command.h> 947151e4bSgaurav rana #include <fsl_validate.h> 1047151e4bSgaurav rana 11c4666cf6SSaksham Jain int do_esbc_halt(cmd_tbl_t *cmdtp, int flag, int argc, 1298cb0efdSgaurav rana char * const argv[]) 1398cb0efdSgaurav rana { 14856b2846SAneesh Bansal if (fsl_check_boot_mode_secure() == 0) { 15856b2846SAneesh Bansal printf("Boot Mode is Non-Secure. Not entering spin loop.\n"); 16856b2846SAneesh Bansal return 0; 17856b2846SAneesh Bansal } 18856b2846SAneesh Bansal 1998cb0efdSgaurav rana printf("Core is entering spin loop.\n"); 2098cb0efdSgaurav rana loop: 2198cb0efdSgaurav rana goto loop; 2298cb0efdSgaurav rana 2398cb0efdSgaurav rana return 0; 2498cb0efdSgaurav rana } 2598cb0efdSgaurav rana 2647151e4bSgaurav rana static int do_esbc_validate(cmd_tbl_t *cmdtp, int flag, int argc, 2747151e4bSgaurav rana char * const argv[]) 2847151e4bSgaurav rana { 29bc71f926SAneesh Bansal char *hash_str = NULL; 30b055a0fdSAneesh Bansal uintptr_t haddr; 31bc71f926SAneesh Bansal int ret; 32*85bb3896SSaksham Jain uintptr_t img_addr = 0; 33*85bb3896SSaksham Jain char buf[20]; 34bc71f926SAneesh Bansal 3547151e4bSgaurav rana if (argc < 2) 3647151e4bSgaurav rana return cmd_usage(cmdtp); 37bc71f926SAneesh Bansal else if (argc > 2) 38bc71f926SAneesh Bansal /* Second arg - Optional - Hash Str*/ 39bc71f926SAneesh Bansal hash_str = argv[2]; 4047151e4bSgaurav rana 41bc71f926SAneesh Bansal /* First argument - header address -32/64bit */ 42b055a0fdSAneesh Bansal haddr = (uintptr_t)simple_strtoul(argv[1], NULL, 16); 43bc71f926SAneesh Bansal 44b055a0fdSAneesh Bansal /* With esbc_validate command, Image address must be 45b055a0fdSAneesh Bansal * part of header. So, the function is called 46b055a0fdSAneesh Bansal * by passing this argument as 0. 47b055a0fdSAneesh Bansal */ 48*85bb3896SSaksham Jain ret = fsl_secboot_validate(haddr, hash_str, &img_addr); 49*85bb3896SSaksham Jain 50*85bb3896SSaksham Jain /* Need to set "img_addr" even if validation failure. 51*85bb3896SSaksham Jain * Required when SB_EN in RCW set and non-fatal error 52*85bb3896SSaksham Jain * to continue U-Boot 53*85bb3896SSaksham Jain */ 54*85bb3896SSaksham Jain sprintf(buf, "%lx", img_addr); 55*85bb3896SSaksham Jain setenv("img_addr", buf); 56*85bb3896SSaksham Jain 57bc71f926SAneesh Bansal if (ret) 58bc71f926SAneesh Bansal return 1; 59bc71f926SAneesh Bansal 60bc71f926SAneesh Bansal printf("esbc_validate command successful\n"); 61bc71f926SAneesh Bansal return 0; 6247151e4bSgaurav rana } 6347151e4bSgaurav rana 6447151e4bSgaurav rana /***************************************************/ 6547151e4bSgaurav rana static char esbc_validate_help_text[] = 6647151e4bSgaurav rana "esbc_validate hdr_addr <hash_val> - Validates signature using\n" 6747151e4bSgaurav rana " RSA verification\n" 6847151e4bSgaurav rana " $hdr_addr Address of header of the image\n" 6947151e4bSgaurav rana " to be validated.\n" 7047151e4bSgaurav rana " $hash_val -Optional\n" 7147151e4bSgaurav rana " It provides Hash of public/srk key to be\n" 7247151e4bSgaurav rana " used to verify signature.\n"; 7347151e4bSgaurav rana 7447151e4bSgaurav rana U_BOOT_CMD( 7547151e4bSgaurav rana esbc_validate, 3, 0, do_esbc_validate, 7647151e4bSgaurav rana "Validates signature on a given image using RSA verification", 7747151e4bSgaurav rana esbc_validate_help_text 7847151e4bSgaurav rana ); 7998cb0efdSgaurav rana 8098cb0efdSgaurav rana U_BOOT_CMD( 8198cb0efdSgaurav rana esbc_halt, 1, 0, do_esbc_halt, 82856b2846SAneesh Bansal "Put the core in spin loop (Secure Boot Only)", 8398cb0efdSgaurav rana "" 8498cb0efdSgaurav rana ); 85